Configuring localized data compliance settings

Available for User roles Super Admin, Admin
Packages All packages

Hiring talent from across the world requires compliance with a global range of data handling regulations. Lever provides flexibility when it comes to localizing data retention and anonymization policies by allowing you to configure when anonymization of candidate data should occur based on the location of the jobs for which they apply as well as which pieces of candidate information should be anonymized. Readers of this article will learn about:

Why data compliance settings need to be localized

Data handling regulations can vary by country. Retaining a candidate's data in your system for longer than is allowed by local regulations could result in a breach of compliance. The data retention periods that you define in your Lever environment along with the categories of information that you retain post-anonymization should comply with the regulations in the different countries in which you are hiring. 

Configuring data retention and anonymization policies by country


Localized data compliance settings can only be configured by users with Super Admin or Admin access.

To configure data compliance settings for your Lever environment:

  • Navigate to Settings > Data compliance
  • On the 'Data Compliance' page, you will see the list of countries defined in your company settings.
    • To make changes to the countries for which you can configure data compliance policies, navigate to Settings > Company > Location.

Data Compliance page in Lever Settings

  • To enable a custom data compliance policy for a specific country, move the toggle next to the listed country name to the 'on' position.
  • Confirm the lawful basis under which data for inactive candidates is handled - candidate consent or legitimate interest.
    • If lawful basis is set to 'Candidate consent,' candidates will be prompted to provide explicit consent to the storage of their data in your system.
    • If lawful basis is set to 'Legitimate interest,' candidates do not need to consent to the storage of their data in your system. The decision to store inactive candidate data on the basis of legitimate interest is typically a decision made by an organization's legal team.

Data retention configuration tile for Canada; lawful basis menu expanded.


Changing the lawful basis on the 'Data compliance' page when defining the data retention settings for an individual country will change the lawful basis for all countries. Adding or changing the link to your organization's privacy policy under the lawful basis heading will also apply to all countries.
  • Below the lawful basis field, you can define the data retention period for that specific country in years and/or months. Owners of opportunities associated with postings in that country will receive a reminder one month before the expiration period defined in this field prompting them to take one of the following actions:
    • If lawful basis is set to 'Use candidate consent,' the opportunity owner will be prompted to refresh the candidate's consent.
    • If lawful basis is set to 'Rely on legitimate interest,' the opportunity owner will be prompted to anonymize the candidate's data.

Data retention configuration tile for Canada showing retention period fields.

  • Next, specify the candidate data fields to anonymize for candidates associated with postings in the selected country. When anonymizing the profiles of candidate's associated with postings in this country, only the data fields you have selected at this step will be anonymized.

Checklist of candidate data fields to be anonymized.

  • You will also need to configure the degree of anonymization that you want Lever to apply to candidates' email addresses by selecting whether or not store them as hashed values.  Like lawful basis, this setting is a global setting meaning your selection will apply to the data compliance policies of all countries (not just the policy of the country your are currently configuring).
    • Selecting the option to not store a candidate's email address as a hashed value will result in complete and permanent deletion of candidates' email addresses when they are anonymized. Storing a candidate's email as a hashed value keeps the candidate's email on file in an unreadable format, and will only ever resurface if a new opportunity is created with the same email address in association with a candidate that previously requested the deletion of their data. For a more detailed breakdown, refer to our help article on anonymizing opportunities.

Anonymized candidates radio button options.

  • Click the Save Changes button to lock in the data compliance settings for that country.

To make changes to a country's data compliance settings, click the gear icon (⚙) to the right of the country name. You can use the search bar and filter at the top of the 'Data Compliance' page to easily locate countries.


Localized data compliance settings are based off the location of the posting to which a candidate applies, not the candidate's physical location. For example, if a candidate applies to a posting based in Belgium, but the candidate applies from an IP address in Germany, the candidate's data would be retained and anonymized in accord with the configuration set for Belgium in your data compliance settings.

Anonymizing candidate data via 'Data compliance' settings

From the Data compliance section in your Settings, you can also anonymize candidate data for candidates whose consent or interest has expired. To anonymize candidate data from the data compliance settings page:

  • Click the 'Candidate data' tab on the Data Compliance page
  • On the 'Candidate data' tab, you will see a list of candidates whose consent or interest has expired relative to the data retention periods you have set at the country level.
    • Each row in the list represents an individual opportunity. You may see the same candidate appear multiple times in the list if they have multiple opportunities in need of anonymization. Each of a candidate's opportunities will need to be anonymized in order for the candidate to be considered fully anonymized.

Candidate data page in Data compliance settings showing list of candidate opportunities in need of anonymization.

  • To anonymize an individual candidate, click Anonymize to the right of their name in the list. In the modal that appears, click the Anonymize candidate data button to complete the action. The candidate's information will be anonymized in accord with the field anonymization settings for the country of the posting associated with their opportunity (see above).

Anonymization confirmation modal with Anonymize candidate data button.

  • To anonymize candidates in bulk, select the checkboxes next to the names of the candidates you wish to anonymize and click the Anonymize candidates button that appears at the top of the list. Click the Anonymize candidate data button to complete the action.

Multiple opportunities selected in candidate data list; anonymize candidates button appears above list.

You can filter the list by country and time range to prioritize different cohorts of candidates for anonymization.

How localized data compliance works with GDPR settings

As an alternative to the data privacy settings configurable via the 'Data compliance' page in your settings, Lever also supports the ability to manage data privacy by way of a globally-applied GDPR policy (enabled via Settings > Company > Compliance). This option allows you to configure a single data retention period for all candidates within one of the following jurisdictions:

  • Only candidates and jobs location in the EU
  • Candidates and jobs located in the EU and unknown locations
  • All candidates (regardless of their current location)

Unlike the localized data compliance settings, GDPR settings determine location based on the IP address of the candidate (not the location of the job posting to which their opportunity is associated). The 'Data compliance' and 'GDPR' settings are exclusive to one another, meaning you can only have one enabled in your Lever environment at any given time. If you have GDPR enabled in your Lever environment, you will be required to disable it before you can enable localized data compliance settings. To learn more, refer to our help article on the difference between Data compliance and GDPR settings.

Was this article helpful?
0 out of 0 found this helpful